Systems and methods for distributed extended common vulnerabilities and exposures data management

Systems and methods for distributed extended common vulnerabilities and exposures data management
US11381589

In one aspect, the present disclosure is directed to systems and methods for validating and securely storing security entry updates. The security entry update is received from a contributor, and broadcast to a plurality of computing nodes. It then is determined whether to validate the received security update at each computing node of the plurality of computing nodes. If the received security entry update is validated, information relating to the received security update is added as transaction information in a current block, the current block is included in a blockchain that is stored in a datastore of each computing node of the plurality of computing nodes. Other aspects also are described.

PTO Wrapper PDF
Dossier Espace Google

Patent 11381589
Priority Oct 11 2019
Filed Oct 11 2019
Issued Jul 05 2022
Expiry Aug 22 2040 Extension 316 days
Inventors Haber, Way…
Assg.orig SECUREWORK…
Assg.curr SECUREWORK…
Entity Large
Referenced by 0
References 231
Maint.: currently ok

TECHNICAL FIELD
BACKGROUND
SUMMARY
BRIEF DESCRIPTION OF…
DETAILED DESCRIPTION

10. A system for validating and securely storing security updates amongst a threat intelligence community, comprising:

a distributed network including a plurality of computing nodes, each of the computing nodes managed by one or more members of the threat intelligence community;

one or more processors at a series of computing nodes of a distributed network, wherein each of the computing nodes includes a memory having a datastore configured to store and manage a blockchain comprising a plurality of security updates; and

a non-transitory memory storing computer readable instructions that are accessed and executed by the one or more processors of the computing nodes to cause the computing nodes to:

receive a security update broadcast to the distributed network of computing nodes from at least one contributor;

determine whether to validate the received security update based on a set of rules, the set of rules including, at least, a determination that the received security update includes selected fields, and on votes or weighted votes received from members of the threat intelligence community to validate or deny the received security update; and

if the received security update is validated:

add information relating to the received security update as transaction information in a current block; and

include the current block in the blockchain in the datastore of each computing node of the plurality of computing nodes.

1. A method for validating and securely storing security updates amongst a threat intelligence community, comprising:

receiving a security update submitted from one or more contributors to members of the threat intelligence community;

broadcasting the received security update to a plurality of computing nodes in communication with one or more networks, each of the computing nodes managed by one or more of the members of the threat intelligence community and including a memory configured to store a blockchain;

determining whether to validate the received security update at each computing node of the plurality of computing nodes, including:

determining whether the received security update includes one or more required fields; and

initiating voting among members of the threat intelligence community and receiving votes for validation or denial of the received security update from at least some of the members of the threat intelligence community; and

if the received security update is validated by a selected number of votes or weighted votes from the members of the threat intelligence community:

adding information relating to the received security update as transaction information in a current block; and

including the current block in the blockchain stored in the memory of each computing node of the plurality of computing nodes; and

if the received security update did not receive the selected number of votes or weighted votes, deny validation of the received security update.

2. The method of claim 1, wherein if the received security update is validated, the method further comprises:

providing an incentivizing award to at least one contributor of the one or more contributors of the received security update.

3. The method of claim 2, wherein the incentivizing award comprises one or more digital tokens.

4. The method of claim 1, further comprising:

generating hash value of a previous block in the blockchain and including the hash value in the current block.

5. The method of claim 1, wherein the one or more required fields include information related to an identifier, a description, and at least one public reference.

6. The method of claim 1, further comprising:

receiving a staked amount of digital tokens for the votes for validation or denial of the received security update from each computing node of the plurality of computing nodes; and

weighting the votes based on the staked amount of digital tokens for each vote to determine whether to validate or deny the received security update.

7. The method of claim 1, further comprising:

generating an amount of digital tokens staked for the security update by the one or more contributors, and

if the submitted security update is validated, providing a digital token award from the generated digital tokens award to the one or more contributors.

8. The method of claim 1, further comprising locking or deactivating generation of new or additional digital tokens during validation of the received security update.

9. The method of claim 1, wherein the security update comprises a Common Vulnerabilities and Exposures (CVE) update and/or an Extended Common Vulnerabilities and Exposures (ECVE) update.

11. The system of claim 10, wherein the computer readable instructions that are accessed and executed by the one or more processors of the computing nodes further cause the computing nodes to generate hash value of a previous block in the blockchain and include the hash value in the current block.

12. The system of claim 10, wherein the one or more selected fields include information related to an identifier, a description, and at least one public reference.

13. The system of claim 10, wherein the computer readable instructions that are accessed and executed by the one or more processors of the computing nodes to determine whether a majority of votes or weighted votes received from members of the threat intelligence community is in favor of validation of the received security update comprise instructions configured to:

receive votes for validation or denial of the received security update from each computing node of the distributed network;

determine a total number of votes or weighted votes for validation or denial of the received security update; and

validate the received security update if a majority of received votes or weighted votes are in favor of validation of the received security update.

14. The system of claim 10, wherein the computer readable instructions that are accessed and executed by the one or more processors of the computing nodes further cause the computing nodes to:

generate an amount of digital tokens staked for the security update by the contributor, and

if the submitted security update is validated, provide a digital token award from the amount of generated digital tokens to the contributor.

15. The system of claim 14, wherein the computer readable instructions that are accessed and executed by the one or more processors of the computing nodes further cause the computing nodes to lock or deactivate generation of new or additional digital tokens during validation of the received security update.

16. The system of claim 10, wherein the security update comprises a Common Vulnerabilities and Exposures (CVE) update and/or an Extended Common Vulnerabilities and Exposures (ECVE) update.

17. The system of claim 10, wherein the computer readable instructions that are accessed and executed by the one or more processors of the computing nodes further cause the computing nodes:

if the received security update does not include the specific fields, transmit a notification to the contributor indicating that the received security update was denied due to lack of at least one field of the specific fields.

TECHNICAL FIELD

In one aspect, the present disclosure relates to security data management, and more specifically, systems and methods for distributing, storing, and/or validating common vulnerabilities and exposures intelligence entries using blockchain. Other aspects also are described.

BACKGROUND

Existing security vulnerabilities and exposures intelligence databases, such as databases that provide entries or definitions for publicly disclosed or known security vulnerability and exposure intelligence, such as Cybersecurity Vulnerabilities and Exposures (“CVEs”), are generally made available online (e.g., one such database is provided by the MITRE Corporation of Bedford Mass., which organizes and runs a centralized online system providing access to information in their database as a whole via a search engine). Available centralized systems however historically have faced many problems and various disadvantages. For example, existing systems experience considerable delays, with contributors becoming frustrated with available systems, due to the fact that it can take a significant amount of time, such as many months or even several years, before new entries or updates thereto are assigned/released, creating a significant backlog of entries and potentially giving malicious actors time to develop new/different tactics that cannot be quickly detected. Further, since these centralized systems generally are owned and maintained by one, or only a few, specific entities that have exclusive control thereof, security researchers and analysts typically cannot effectively participate in developing new entries or updates thereto, and further do not receive adequate credit when they do contribute. Still further, because the intelligence entries and updates thereto are subject to being rejected outright by the controlling entities, e.g., for being viewed as out of scope, many important entries and updates developed/discovered by security analysts and others in the security field are never even considered for inclusion in existing databases, potentially resulting in significant coverage gaps.

Accordingly, it can be seen that a need exists for more efficient ways of security entry and update verification for security vulnerabilities and exposures intelligence databases, and in particular, for systems and methods that enable decentralized sharing, validation, and storing of cybersecurity knowledge or intelligence and that can incentivize consensus based updates in the cybersecurity intelligence community, while also allowing for the release of intelligence information quicker, without having to go through one or only a few entities. The present disclosure addresses these and other related and unrelated problems in the art.

SUMMARY

Briefly described, the present disclosure is generally directed to techniques for management of data, reward, and authority associated with a distributed security vulnerabilities and exposures intelligence system. The system can store security entries and updates thereto that can include Common Vulnerabilities and Exposures (“CVEs”) or Extended Common Vulnerabilities and Exposures (“ECVEs”).

In one aspect, a distributed security vulnerabilities and exposures intelligence system can include a secure chain of data blocks stored on computing nodes including computing devices or other suitable information handling systems. The computing nodes can be part of a distributed network(s) of public or private computing nodes, and store and maintain the chain of data blocks securely, as a blockchain. The chain of data blocks maintained in each computer node further contains data blocks that represent one or more validated updates to security entries, such as CVEs or ECVEs. Blocks can be added to the blockchain periodically, as new updates are proposed, and synced across all computing nodes, with each computer node on the distributed network acting as miner of the blocks using a Proof of Work (“PoW”) algorithm or workflow to secure the blockchain, which miners can receive digital tokens as compensation. The computing nodes on the distributed network further may be configured to act either or both as validator and voter of the updates using a Proof of Stake (“PoS”) algorithm or workflow, and also can receive and distributing digital tokens as compensation for voting or validation. The blockchain generally enables the creation and maintenance of a digital ledger or record of transactions on a ledger of records among the distributed computing network, and uses cryptography to allow each participant on the network to manipulate the ledger securely, without the need for a central point of control.

The system also can provide rewards to incentivize contributions, and more openness and flexibility using a democratic approval process for entry and update verification. For example, the distributed security vulnerabilities and exposures intelligence system may include a merit distribution mechanism on the blockchain that may reward users with digital tokens for creating and updating security entries. Issuance of these digital tokens provides a way to reward and incentivize contributors and validators, and also ensure that anyone who uses the intelligence system becomes a “shareholder” of the data. The digital tokens further can be used to enable access, enact revisions, and power the system. For example, if a user identifies incorrectness in an entry field, the user can commit an amount of digital tokens to challenge it. If a majority of committed stake from other contributors (validators) agrees with the dissenting user, on a consensus basis, an amendment can be made to the entry and the dissenting user's digital tokens may be returned along with some additional digital tokens, as compensation. Similarly, if a user identifies relevant extra data to be added to an ECVE, and other contributors (validators) agree with that addition, on a consensus basis, additions will be made, and digital tokens can be rewarded to that contributor. Validators who agree with the consensus decision to either approve or reject an update also may receive digital tokens as compensation.

In another aspect, a method for validating and storing security vulnerabilities and exposures intelligence entries is provided. This method can include storing a secure chain of data blocks in computing nodes including information handling systems that are part of a distributed network of computing nodes. The set of computing nodes part of that network store and maintain the chain of data blocks, securely. Each block represents one or more security entries or updates thereto, such as CVEs or ECVEs. The method further comprises adding blocks to the chain periodically (e.g., when new entries or updates thereto are proposed by participants) and syncing across all computing nodes in response to determining that update data associated with the last data block are valid. These method steps can be implemented by one or more processors operatively coupled with storage or memory associated with the given computer node.

In a further aspect, a computer program product can include a digital token program or module having encoded therein executable code of one or more software programs. The one or more software programs, when executed by one or more processors implement steps of: minting of new digital tokens, locking of digital tokens during the security entry or update consensus process, and transfer of digital tokens. The one or more processors can be included in a computer node that is part of a set of computing nodes in a distributed network thereof wherein each confirms the minting of new digital tokens, lock of digital tokens during the entry and update consensus process, and transfer of digital tokens.

In yet another aspect, a computer program or computer program product comprises a voting program or module. The voting program can have encoded therein executable code of one or more software programs, workflows, etc., which has scope to elect approval or rejection of each security entry or update based on a PoS consensus algorithm. The voting program can be configured to facilitate majority stake consensus approval mechanism for entries or updates. When approved, new entries or updates can be persisted on the blockchain in a trustless manner.

Accordingly, illustrative embodiments of the present disclosure advantageously provide effective techniques for validating, managing, and storing data related to vulnerabilities and exposures intelligence entries and updates, such as updates to CVEs or ECVEs. These embodiments provide a secure and robust approach to tracking, amending, and appending information related to such security entries, and the various fields of the security entries and updates may be securely tracked using the secure chain of data blocks. Furthermore, the digital token and voting system embodiments can provide effective techniques for providing an incentive and reward mechanism to all types of actors in the system, such as contributors, validators, and miners that secure the blockchain on the network.

Other various objects, features, and/or advantages of the present disclosure will become apparent to those skilled in the art upon a review of the following detail description, when taken in conjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

It will be appreciated that for simplicity and clarity of illustration, elements illustrated in the Figures are not necessarily drawn to scale. For example, the dimensions of some elements may be exaggerated relative to other elements. Embodiments incorporating teachings of the present disclosure are shown and described with respect to the drawings herein, in which:

FIG. 1 illustrates a schematic diagram of a distributed system for tracking, validating, and/or maintaining security entries and updates thereto onto a blockchain according to the present disclosure.

FIG. 2 shows a block in the blockchain including an ECVE entry with exemplary data according to the present disclosure.

FIG. 3 shows a blockchain that tracks update transactions related to intelligence entries according to the present disclosure.

FIG. 4 provides a schematic illustration of a process for a security entry or update broadcast to all computing nodes on the network, along with its validation, storage, and digital token reward credited to a mining node according to one example of the present disclosure.

FIG. 5A provides a schematic illustration of a process of a token committed security entry or update broadcast to all computing nodes on the network, along with its validation, storage and digital token reward credited to the update contributor according to one example of the present disclosure.

FIG. 5B illustrates a schematic diagram of a process for a digital token committed security entry or update broadcast to all computing nodes on the network, along with its rejection, and digital token kept away from the update contributor according to one example of the present disclosure.

FIG. 6 illustrates a schematic diagram of the Proof of Stake (“PoS”) validation process applied to an update broadcasted to all computing nodes on the network according to one example of the present disclosure.

FIGS. 7A and 7B illustrate a process or method for validating and securely storing security entry updates according to one aspect of the present disclosure.

FIG. 8 shows a computing node according to one example of the present disclosure.

The use of the same reference symbols in different drawings indicates similar or identical items.

DETAILED DESCRIPTION

The following description in combination with the Figures is provided to assist in understanding the teachings disclosed herein. The description is focused on specific implementations and embodiments of the teachings, and is provided to assist in describing the teachings. This focus should not be interpreted as a limitation on the scope or applicability of the teachings.

FIG. 1 illustrates a distributed security vulnerabilities and exposures intelligence system 10 for validating and securely storing security entries or updates thereto according to the present disclosure. The security entries or updates can include Common Vulnerabilities and Exposures (“CVEs”) entries or updates and/or Extended Common Vulnerabilities and Exposures (“ECVEs”) entries or updates. CVEs and ECVEs can include a dictionary of definitions for publicly disclosed or otherwise known cybersecurity vulnerability and exposure intelligence, and can facilitate the sharing of data or information across separate vulnerability or threat reduction capabilities, such security tools, databases, and services. The present disclosure however is not limited to validating and sharing of CVEs and ECVEs and can used any suitable cybersecurity entries, updates, definitions, intelligence information, etc. that can be shared to facilitate the development of security or threat reduction tools, databases, modeling, detecting and/or services, without departing from the scope of the present disclosure.

As also illustrated in FIG. 1, the system 10 includes a plurality of computing nodes 12 each having a processor(s) 14 and a memory (or memories) 16 on which a blockchain datastore 18 and block datastore 20 are maintained. The plurality of computing nodes 12 can be managed by members of a threat intelligence community, such as a community that generates, shares, distributes, etc., threat intelligence entries for detecting security threats, developing cyber security tools, etc. The blockchain and block data 18/20 can include information or data related to submitted and/or validated security updates, such as CVE or EVCE updates. For example, the blockchain datastore 18 can include a chain of validated blocks, and the block data store 20 can include information related to a current being mined by the respective computing nodes 12. The system 10 also includes a network 22 or set of networks, with each computer node 12 being in communication with the network(s) 22, e.g., via a wireless or wired connection or other suitable connection that allows for the transmission and receipt of data or information. The network 22 can include a public or private network, and in one embodiment, the network 22 includes the internet or other publically available network, though any suitable public or private network can be used without departing from the scope of the present disclosure. In one example embodiment, the system 10 may initially begin using a private network that is access by only a few cybersecurity intelligence contributors and then transition to a larger public network as more and more contributors join or contribute.

According to the present disclosure, data blocks, e.g., related to security entries and/or updates, are added to the chain periodically and synced across all the computing nodes 10. In particular, the computing nodes 12 can receive broadcast security updates, e.g., by listening on a socket connection in communication with the network 22, from system contributors, participants or other security researchers or entities. The security updates then can be added to a current or latest block as one or more transactions that will be included in the blockchain if verified by the computing nodes 12. Accordingly, a secure chain of data blocks can be stored in the memory 16 of the computing node 20 such that the set of computing nodes 12 in communication with the network 18 store and maintain the chain of data blocks (blockchain) securely and in a distributed manner. Thus, the blockchain generally enables the creation and maintenance of a digital ledger or record of security entries and updates, e.g., CVE and ECVE updates, on a secure ledger of records distributed about the system 10. One benefit of storing CVEs and ECVEs on the blockchain ensures that data validation is decentralized and securely maintained, so as to improve CVEs or ECVEs access availability, replication, as well as higher level of censorship prevention, in comparison to existing centralized systems.

The system 10 further uses cryptography to allow each participant to manipulate the ledger securely, without the need for a central point of control. In particular, for each submitted and validated block added to the blockchain, the system 10 generates a hash of the previous block in the block chain and provides a hash value or information related thereto with the validated block to be stored in the blockchain datastore 18 in the memory 16 of the computing nodes 12. More specifically, the system 10 applies a cryptic hash function or other suitable hash function or algorithm to data or information of or related to the previous block in the block chain and adds the hash to the current block for identification thereof (e.g., the memory 16 of the computing nodes 10 can store instructions, workflows, etc. for the hash function or algorithm that can be accessed by the processors 14 and applied to data or information of or related to the previous block for generation of the hash value).

Each computer node 12 in the distributed network 22 additionally can act as a miner of blocks for the blockchain, with each computer node 12 including a validation controller 24 that facilitates mining of the blocks. In particular, when a contributor submits a new security update for consideration by network participants, e.g., as a new block to be added to the chain and synced across all computing nodes 12, each computing node 12 can apply the validation controller 24 that includes a Proof of Work (“PoW”) workflow, algorithm, etc., to verify the blocks and secure the chain. The PoW generally facilitates validation and rejection of newly submitted blocks on a consensus basis. That is, in one embodiment, as discussed in detail in connection with FIGS. 4-6 below, the majority of system participants/stakeholders will determine whether an update gets validated or rejected using the PoW. However, in alternative embodiments, e.g., as discussed in connection with FIG. 7, validation can be controlled by votes that are weight based on digital tokens using a Proof of Stake (“PoS”) algorithm, workflow, etc. Each computer node 12 on the distributed network may act either or both as a miner/validator and voter of security updates using PoW and PoS, and will receive and distribute digital tokens as compensation therefor. The PoW and PoS can be stored in the memories 16 of the computing nodes as part of the validation controller 24, though the PoW can be additional separate software programs or components without departing from the scope of the present disclosure.

In addition, the system 10 can include a digital token software program or module that facilitates creation, control, and/or distribution of digital tokens. For example, the system participants managing the computing nodes 12 may be granted one or more incentivizing rewards, such as digital tokens, notifications, payments, etc., for mining and validation of new blocks, and further contributors of new security entries or updates may be granted one or more incentivizing rewards for security updates that are validate and synced across all nodes, e.g., CVE and ECVE updates that are added to the blockchain ledger or database thereof. The digital token program can be configured to create or mint new digital tokens. The digital token program can be configured to lock the digital tokens, e.g., prevent creation or distribution thereof, during the security entry or update consensus process. And, the digital token program can be configured to transfer digital tokens to the computing nodes 12 when appropriate, e.g., as compensation for mining/validation or as an award for a validated security update. The digital token program can be part of the validation controller 24, though the digital token program can be a separate, additional program, component, etc., without departing from the scope of the present disclosure. One or more of the processors 14 of the computing nodes 10 will access and execute the digital token program or components thereof, which includes encoded therein executable codes, instructions, workflows etc. that when executed by one or more of the processors 14, causes the processors to generate and confirms the minting of new digital tokens, lock digital tokens during the entry/update consensus process, and transfer the digital tokens to appropriate participants.

In one embodiment, an ECVE blockchain may start off (genesis) as a private network, where only a small set of contributors or single contributor sync(s) the blockchain with the publicly available data set of existing CVEs. Then, the contributor(s) can open up connections to exhibit the blockchain to other potential contributors, miners, security analysis, researchers, etc. interested in maintaining, securing, and/or updating the ECVEs blockchain data base. The system further can benefit from network effect, with the system getting stronger and stronger as the network of miners and contributors grows in size and more and more cybersecurity intelligence information is included in the system, e.g., allowing for the development of more effective cybersecurity tools, databases, and services.

FIG. 2 shows an example security update entry 50 that includes an ECVE revision entry with field definitions or information 52 that ECVE entities generally have to comply with. The EVCE field definition/information 52 generally extends the list of CVE fields definition with additional fields. In one embodiment, the ECVE field information 52 includes an identification string or other identifier 52A for the update (e.g., an alpha-numeric identifier with four or more digits in a sequence); a description 52B of the additional information or revision of information related to specific vulnerability or exposure intelligence information; at least one reference 52C related to the specific vulnerability and exposure intelligence information (e.g., the at least one reference can include a URL or other public reference, such as a vulnerability report, advisory, etc., that includes information supporting the entry or submission); time and date information 52D, such as a timestamp relating to a creation or validation time and date of the update; contributor information 52E identifying the contributor of the update, which allows the system 10 to attribute one or more digital tokens to that revision contributor; statistics or metric information 52F, such as Common Vulnerability Scoring System (“CVSS”) metrics or other suitable metrics; metadata 52G; a revision number 52H, such as a number or other information indicating the number of revisions for the EVCE; and voting information 521, such as information indicating the number or percentage of votes or weighted voted the revision received for validation; and/or other suitable information or data or combinations thereof. The present disclosure is not limited to EVCEs and can include CVEs or other suitable security entries or updates. For example, CVEs including an identification number or other identifier 52A; a description 52B; at least one reference 52C; as well as time and date information 52D can be used without departing from the scope of the present disclosure.

In one embodiment, these security update entries 50 may be stored outside the network of computing nodes 12, such as in a database or other suitable datastore in communication with the system 10; however, these security update entries can be stored in the memory 16 of one or more of the computing nodes 12, without departing from the scope of the present disclosure.

FIG. 3 illustrates an exemplary blockchain database 60 that tracks security update transactions related to one or more ECVE updates according to the present disclosure. Each computer node 12 in communication with the network 22 computes the blockchain 60. As shown in FIG. 3, each block 62 includes transaction information 64 related to one or more transactions including creating, amending, or appending data to one or more ECVE updates. The transaction information 64 can include the EVCE field information 52 shown in FIG. 2, and can include other suitable information related to the transaction without departing from the scope of the present disclosure. Each block 62 also includes a hash value 66 computed by hashing information or data of the previous block as described above. In the illustrated example shown in FIG. 4, Block N contains data of one ECVE update transaction plus a hash value of the previous block N−1 that represents all previous N−1 blocks. As further shown in the illustrated example, each block can include information related to a plurality or set of transactions 64. For example, in one embodiment, a time period can be set for updates, appendices, amendments, etc. to a specific security, and during that time period, each validated/verified update can be added as a transaction to the current block to be included in the blockchain, e.g., upon expiration of the set time period.

Typically, each block 62 can accommodate one or more transactions, and as the transactions flow into the network, each node of the network generally will be able to process them into a block in a timely manner. Alternatively, each block could represent only a single transaction, i.e., each security entry, e.g., a particular ECVE, and can have its own blockchain including verified updates, appendices, amendments, etc. thereto added as single blocks in the blockchain, for example, depending on possible block size limitations for receipt of the transactions within a selected cycle period. Furthermore, according to this disclosure, the block size, e.g., the number of transactions allowed to be included in each block, may be limited and/or increased to reduce the impact of spam, such as contributors presenting or validating meritless entries or updates, e.g., to allow action to be taken, such as modifying the software with other spam prevention systems.

FIG. 4 illustrates a process for a security update broadcast to all computing nodes 12 on the network 22, along with its validation, storage, and reward according to one example of the present disclosure. As shown in FIG. 4, at 102, a contributor can submit an update for a security entry, e.g., using one of the computing nodes 12 or other computing device in communication with the network 22. Then, at 104, the submitted update is broadcast to each of the computing nodes 12. Upon receipt of the update, the computing nodes 12 will make a determination as whether to validate or verify the update, at 106. For example, the validation controller 24 can verify the update against a set of rules or requirements for validation. Information or data related to the current block can be stored in the block data store 20 during mining/validation thereof. If validated, at 108, the validated update is added to the current block, which in turn is added to the blockchain at 110. Information or data related to the blockchain is stored and maintained in the blockchain datastore 18 of the computing nodes 12. If the update is not validated, then the update is not added to the current block and likewise not added to the blockchain. In addition, a reward, e.g., one or more digital tokens, can be credited to the winning mining computing nodes 12, at 112. That is, each node of the majority of computing nodes that determined, e.g., voted, to validate or deny the update can be credited an amount of digital tokens.

FIGS. 5A-B provide a schematic illustration of a process of a token committed security entry or update broadcast to all computing nodes, along with its validation, storage and digital token reward according to an additional example of the present disclosure. As shown in FIGS. 5A-B, at 202, a contributor can submit an update for a security entry along with an amount of digital tokens, e.g., as a stake amount for risked for verification or denial of the update. Then, at 204, the submitted update is broadcast to each of the computing nodes 12. Again, upon receipt of the update, the computing nodes 12 will make a determination as whether to validate or verify the update, at 206.

FIG. 5A further shows that, if validated at 208, the validated update is added to the current block, which in turn is added to the blockchain at 210. As further shown in FIG. 5A, if the update is validated, the contributor is returned the amount of digital tokens put up for the contribution, as well as an addition amount of digital tokens as a reward. In the illustrated embodiment, the reward is equal to, or otherwise weighted based on, the amount staked for the submitted update—that is, the contributor put up/staked one digital token and was returned that digital token, as well as an additional digital token as a reward, totaling two digital tokens returned. The reward however can include any suitable percentage of the originally staked amount, such as 0.25, 0.33, 0.50, 0.75, 2, 3, 4, and up to 5 or more times the original amount or other integers or non-integers therebetween.

On the other hand, as shown in FIG. 5B, if the update is not validated, the update is not added to the current block (208′), and when the current block is added to the blockchain, the current block will not include the denied update (at 210′). In addition, the amount put forth by the contributor is forfeited and no digital tokens are credited to the contributor (at 212′). Accordingly, requiring commitment of digital tokens to propose updates, can protect the network against spamming, especially during its early phase, because contributors will incur consequences, e.g., lose digital tokens, if they submit meritless updates that are unlikely to be validated by the community.

In one embodiment, the validation controller 24 can include a voting program or module configured to establish validation and rejection on a consensus basis, wherein the majority stakeholders' weight determines whether an update gets validated or rejected. More specifically, the validation controller 24 can determine whether a majority of the computing nodes 12 validated or denied, the security entry or update, and if it is a determined that a majority validated the update, the updated is added to the current block and then to the blockchain; however, if it is determined that a majority denied the update, the update is not added to the current block and not included in the blockchain. The validation module 24 can be configured to validate the updates either automatically or to facilitate manual validation by security analysts. For automatic validation, the validation controller 24 will use the Proof of Work (“PoW”) algorithm, workflow, etc. that contains a set of rules that must be meet for validation. For example, the PoW can require that the submitted security updates include specific fields or information, and if the submitted entry is missing a required field, the entry or update is denied. In one embodiment, a valid duplication ID, description, and reference may be required, and if any of the duplication ID, description, or reference are missing, validation of the security entry or update will be denied by the validation controller 24.

For manual validation, the validation controller 24 can simply receive votes for the validation or denial of security entries and/or updates. Furthermore, the validation controller 24 can set a specific confirmation time interval during which votes can be cast for validation, and a majority of votes that are cast within the confirmation time interval can determine whether the security entry or updates are validated or denied. For example, the validation controller 24 can start a timer when the security entry or update is received from the submitting contributor, with the timer being set to run for the confirmation time interval, and when the timer expires, the validation controller 24 can determine the number of votes for or against validation, and validate or deny validation based on the majority of votes. The confirmation time of each block can vary and generally will be selected or set to a time cycle of a length sufficient to allow enough manual validators to get the necessary time to vote for the proposed updates, such as a specific number of days, weeks, months, or years.

Notably, if a computer node 12 (miner), or set of computing nodes 12 (miners) does, or do, not validate/reject one or more updates according to the set of rules shared by the majority of computing nodes, then, those computing nodes could potentially fork the blockchain, or at some point in time having to reject its own new block and merge the out of sync block from the majority chain (merging) to continue to participate in the majority network. However, the majority of computing nodes that do adhere to the predefined set of validation rules will all continue mining for the next block on the majority network. Thus, one benefit of validation based on consensus (in other words, the winning (over 50%) cumulative Proof Of Work) is that the majority has authority on validating updates that gets persisted in a block, allowing for a democratic voting system, where one or more community, or group of nodes, are free to follow a forked version of the original, in other words genesis state of the blockchain.

FIG. 6 illustrates a Proof of Stake (“PoS”) process of validation applied to an update broadcasted to all computing nodes on the network according to a further aspect of the present disclosure. As shown in FIG. 6, at 302, any of the participants who hold digital tokens have the ability to vote to validate or reject a security entry or update. At 304, upon broadcast of a security entry or update, the participants can vote on the broadcast by committing an amount of digital tokens as a stake. An upper limit may be placed on the amount of digital tokens that can be submitted for a vote, such as a specific number of digital tokens or percentage of digital tokens (e.g., no more than 75%, 50%, 25% or less, of the participant's total owned tokens or the total amount of existing tokens in the system); however, the participants may be allowed to stake unlimited amounts of digital tokens, e.g., all of their possessed digital tokens, without departing from the scope of the present disclosure.

Thereafter, at 306, the voting power of each of the participants is determined, e.g., weighted, by their staked amount, and as shown at 308, the votes with the highest cumulated stakes will win and determine whether the security entry or update is validated or denied. For example, the each validation or denial vote is weighted based on the total amount staked for each vote (e.g., if 1 token is staked, then 1 vote is counted; if 2 tokens are staked, then 2 votes are counted; 3 tokens are staked, then 3 votes are counted; and so on), and the total number of weighted votes are compared to determine the winner, with the highest total determining validation or denial.

At 310, the contributors that voted for the winning side, e.g., to validate or deny, are awarded digital tokens. The awarded tokens can be based on the total amount staked for each vote and the more staked increases the reward returned (e.g., the reward can be equal to the amount staked for the submitted vote; however, the reward can include any suitable percentage of the originally staked amount, such as 0.25, 0.33, 0.50, 0.75, 2, 3, 4, and up to 5 or more times the amount associated with the vote or other integers or non-integers therebetween). Also, as shown at 312, if the security entry or update is validated, the contributor gets a reward including digital tokens.

FIGS. 7A and 7B illustrate a process or method for validating and securely storing security entry updates according to one aspect of the present disclosure. As shown in FIG. 7A, at 402, one or more security updates, e.g., updates related to a CVE or ECVE, submitted by a contributor are received. In addition, information related to an amount of digital tokens staked by the contributor for the submitted updates also can be received. Thereafter, the received updates can be broadcast across the system, i.e., to each of the various computer nodes 12, for mining or validation thereof. During this mining or validation period, minting or creation of new additional digital tokens may be locked or otherwise deactivated, as shown at 408.

FIG. 7A further shows that, at 410, it is determined whether the security entry update includes all of the required information fields, such as identification number, description, at least one reference, or other suitable information fields or data. If the security entry update does not include all of the required information fields, validation is denied at 412. Optionally, at 412, a notification can be provided to the contributor or any other participants that validation was denied.

If the security update did include all of required fields, the process can continue on and votes or digital token weighted votes can be received from system participants (at 414). For the embodiment in which digital weighted votes are used, the system also will receive information related to a staked amount of digital tokens for each vote (at 414). Then, at 416, the total number of votes or weighted votes can be determined or tallied. It then can be determined whether the received security update received a majority of the votes or weighted votes at 418. If the received security update did not receive a majority of the votes or weighted votes, validation will be denied and a digital token award will be provided to participants that voted to deny the updates at 420. Optionally, at 420, a notification can be provided to the contributor or other participants that validation was denied.

FIG. 7B shows that if the security update did receive a majority of votes or weighted votes, at 422, transaction information related to the update can be added to a current block and stored in the blockchain data store of the computing nodes. A hash value of a previous block in the blockchain also can be generated and added to the current block at 424. Thereafter, the current block will be added to the blockchain and stored in the blockchain data store at 426.

As further shown in FIG. 7B, at 428, minting or creation of new digital coins can be unlocked and new digital coins can be generated or minted. Digital tokens then can be distributed to the contributor (e.g., based on the staked amount), as well as to the participants who voted to validate the security update (e.g., based on the number of tokens submitted for each vote). This process will generally repeat for each later received security entry updates.

FIG. 8 illustrates an example computing node 12 according to the present disclosure. The computing node can include an information handling system that comprises computing elements to execute code of one or more software programs. The one or more software programs when executed by the one or more processors implement the processing steps discussed above, including but not limited to validation of contributors updates, storage and maintenance of integrity of the blockchain, granting network access to the blockchain, etc. For purposes of this disclosure, an information handling system may include any instrumentality or aggregate of instrumentalities operable to compute, calculate, determine, classify, process, transmit, receive, retrieve, originate, switch, store, display, communicate, manifest, detect, record, reproduce, handle, or utilize any form of information, intelligence, or data for business, scientific, control, or other purposes. For example, an information handling system may be a personal computer (e.g., desktop or laptop), tablet computer, mobile device (e.g., personal digital assistant (PDA) or smart phone), server (e.g., blade server or rack server), a network storage device, or any other suitable device and may vary in size, shape, performance, functionality, and price.

As FIG. 8 shows, the information handling system 12 includes the memory 16 that can include the datastores 18/20; the validation controller 24 and/or other processing logic; a random access memory (RAM) 26, as well as ROM, and/or other types of nonvolatile memory. As also illustrated in FIG. 8, the information handling system 12 includes one or more processing resources such as the processing unit 14, which can include a central processing unit (CPU) or hardware or software control logic. The information handling system also includes one or more network interface devices or controllers 28 for communicating with the network 22 (or set of networks), as well as various input and output (I/O) devices 30, such as a keyboard, a mouse, touchscreen and/or a video display. Additional components of the information handling system may include one or more disk drives, one or more network ports for communicating with external devices, one or more buses operable to transmit communications between the various hardware components, etc. and/or other suitable computing elements or devices.

The foregoing description generally illustrates and describes various embodiments of this disclosure. It will, however, be understood by those skilled in the art that various changes and modifications can be made to the above-discussed constructions and systems without departing from the spirit and scope of this disclosure as disclosed herein, and that it is intended that all matter contained in the above description or shown in the accompanying drawings shall be interpreted as being illustrative, and not to be taken in a limiting sense. Furthermore, the scope of the present disclosure shall be construed to cover various modifications, combinations, additions, alterations, etc., above and to the above-described embodiments, which shall be considered to be within the scope of this disclosure. Accordingly, various features and characteristics as discussed herein may be selectively interchanged and applied to other illustrated and non-illustrated embodiment, and numerous variations, modifications, and additions further can be made thereto without departing from the spirit and scope of the present invention as set forth in the appended claims.

INVENTORS:

Haber, Wayne, Tassoumt, Mehdi

THIS PATENT IS REFERENCED BY THESE PATENTS:

Patent

Priority

Assignee

Title

THIS PATENT REFERENCES THESE PATENTS:

Patent	Priority	Assignee	Title
10050992,	Feb 09 2015	TELEFONAKTIEBOLAGET L M ERICSSON PUBL	Mitigating the impact from Internet attacks in a RAN using Internet transport
10116500,	Mar 02 2015	The MathWorks, Inc.; The MathWorks, Inc	Exchanging information among system middleware and models
10169937,	Oct 20 2016	JPMORGAN CHASE BANK, N A	Systems and methods for multifactor physical authentication
10311231,	Sep 27 2017	GEN DIGITAL INC	Preventing a malicious computer application from executing in a computing environment
10356125,	May 26 2017	VADE USA, INCORPORATED	Devices, systems and computer-implemented methods for preventing password leakage in phishing attacks
10382489,	Dec 29 2016	MAGENTA SECURITY HOLDINGS LLC; MAGENTA SECURITY INTERMEDIATE HOLDINGS LLC	Technologies for privacy-preserving security policy evaluation
10419903,	Jul 10 2015	Cisco Technology, Inc.	Closed-loop optimization of a wireless network using an autonomous vehicle
10425223,	Mar 27 2012	Amazon Technologies, Inc.	Multiple authority key derivation
10474820,	Jun 17 2014	Hewlett Packard Enterprise Development LP	DNS based infection scores
10491632,	Jan 21 2016	F5 Networks, Inc	Methods for reducing compliance violations in mobile application management environments and devices thereof
10567407,	Apr 30 2015	YUNTIAN CO , LTD	Method and system for detecting malicious web addresses
10594713,	Nov 10 2017	SECUREWORKS CORP.	Systems and methods for secure propagation of statistical models within threat intelligence communities
10601865,	Sep 30 2015	MAGENTA SECURITY HOLDINGS LLC; MAGENTA SECURITY INTERMEDIATE HOLDINGS LLC	Detection of credential spearphishing attacks using email analysis
10728263,	Apr 13 2015	MAGENTA SECURITY HOLDINGS LLC; MAGENTA SECURITY INTERMEDIATE HOLDINGS LLC	Analytic-based security monitoring system and method
10762206,	Sep 16 2011	Veracode, Inc.	Automated behavioral and static analysis using an instrumented sandbox and machine learning classification for mobile security
10790982,	Oct 27 2017	SECUREWORKS CORP.	Systems and methods for block chain authentication
10834128,	Mar 30 2018	MAGENTA SECURITY HOLDINGS LLC; MAGENTA SECURITY INTERMEDIATE HOLDINGS LLC	System and method for identifying phishing cyber-attacks through deep machine learning via a convolutional neural network (CNN) engine
10853431,	Dec 26 2017	Meta Platforms, Inc	Managing distribution of content items including URLs to external websites
10915828,	Jan 04 2016	BEIJING BAIDU NETCOM SCIENCE AND TECHNOLOGY CO , LTD	Website address identification method and apparatus
11044263,	Jun 12 2018	SECUREWORKS CORP.	Systems and methods for threat discovery across distinct organizations
11165862,	Oct 24 2017	0Chain, LLC	Systems and methods of blockchain platform for distributed applications
5937066,	Oct 02 1996	International Business Machines Corporation	Two-phase cryptographic key recovery system
6357010,	Feb 17 1998	JPMORGAN CHASE BANK, N A ; MORGAN STANLEY SENIOR FUNDING, INC	System and method for controlling access to documents stored on an internal network
7269578,	Apr 10 2001	SWEENEY DESIGN LABS, LLC	Systems and methods for deidentifying entries in a data source
7331061,	Sep 07 2001	SECUREWORKS HOLDINGS, INC ; SECUREWORKS, INC	Integrated computer security management system and method
7492957,	Aug 29 2005	CA, INC	Using run length encoding to detect target images
7548932,	Mar 14 2001	Microsoft Technology Licensing, LLC	Schemas for a notification platform and related information services
7555482,	Jun 07 2005	VARONIS SYSTEMS, INC	Automatic detection of abnormal data access activities
7571474,	Dec 30 2004	TAHOE RESEARCH, LTD	System security event notification aggregation and non-repudiation
7594270,	Dec 29 2004	ALERT LOGIC, INC	Threat scoring system and method for intrusion detection security networks
7606801,	Jun 07 2005	VARONIS SYSTEMS, INC	Automatic management of storage access control
7613722,	Mar 14 2001	Microsoft Technology Licensing, LLC	Schemas for a notification platform and related information services
7770031,	Aug 31 1999	PLS IV, LLC	Data protection systems and methods
7856411,	Mar 21 2006	Northrop Grumman Systems Corporation	Social network aware pattern detection
8079081,	Jun 27 2008	Alert Logic, Inc.	Systems and methods for automated log event normalization using three-staged regular expressions
8122495,	Sep 07 2001	Dell Products, LP	Integrated computer security management system and method
8156553,	Jul 11 2008	Alert Logic, Inc.	Systems and methods for correlating log messages into actionable security incidents and managing human responses
8327419,	May 22 2008	Informatica Corporation	System and method for efficiently securing enterprise data resources
8407335,	Jun 18 2008	Alert Logic, Inc.	Log message archiving and processing using a remote internet infrastructure
8490193,	Sep 08 2009	FORTRA, LLC	System and method for probabilistic attack planning
8490196,	Aug 05 2009	FORTRA, LLC	System and method for extending automated penetration testing to develop an intelligent and cost efficient security strategy
8522350,	Nov 19 2008	Dell Products, LP	System and method for run-time attack prevention
8539575,	Sep 30 2008	Microsoft Technology Licensing, LLC	Techniques to manage access to organizational information of an entity
8578393,	Jun 18 2008	Alert Logic, Inc.	Log message collection employing on-demand loading of message translation libraries
8595170,	Jun 14 2001	Cisco Technology, Inc	Stateful reference monitor
8621618,	Feb 07 2011	SECUREWORKS, INC	System and method for assessing whether a communication contains an attack
8701176,	Sep 07 2001	Dell Products, LP	Integrated computer security management system and method
8805881,	May 06 2010	International Business Machines Corporation	Reputation based access control
8832048,	Dec 29 2005	NextLabs, Inc.	Techniques and system to monitor and log access of information based on system and user context using policies
8839414,	May 30 2008	IRDETO B V	Authenticated database connectivity for unattended applications
8898777,	Oct 14 2011	NORTONLIFELOCK INC	Systems and methods for detecting user activities to identify deceptive activity
8909673,	Jan 27 2011	VARONIS SYSTEMS, INC	Access permissions management system and method
8928476,	May 17 2012	Honeywell International Inc.; Honeywell International Inc	System for advanced security management
8931095,	Feb 07 2011	SECUREWORKS CORP	System and method for assessing whether a communication contains an attack
8938802,	Nov 19 2008	Dell Products, LP	System and method for run-time attack prevention
8959115,	Jul 09 2010	Veritas Technologies LLC	Permission tracking systems and methods
8984644,	Jul 01 2003	SecurityProfiling, LLC	Anti-vulnerability system, method, and computer program product
9009828,	Sep 28 2007	SECURWORKS, INC	System and method for identification and blocking of unwanted network traffic
9032478,	Jan 29 2009	Hewlett Packard Enterprise Development LP	Managing security in a network
9046886,	Apr 30 2012	GE INFRASTRUCTURE TECHNOLOGY LLC	System and method for logging security events for an industrial control system
9047336,	May 06 2010	International Business Machines Corporation	Reputation based access control
9069599,	Jun 19 2008	VIDEOLABS, INC	System and method for a cloud computing abstraction layer with security zone facilities
9098702,	Mar 20 2009	Microsoft Technology Licensing, LLC	Controlling malicious activity detection using behavioral models
9129105,	Sep 29 2011	Oracle International Corporation	Privileged account manager, managed account perspectives
9130988,	Dec 21 2010	Microsoft Technology Licensing, LLC	Scareware detection
9137262,	Oct 11 2011	Citrix Systems, Inc	Providing secure mobile device access to enterprise resources using application tunnels
9298895,	Dec 29 2005	NextLabs, Inc.	Preventing conflicts of interests between two or more groups using applications
9319426,	Jun 18 2013	SECUREWORKS CORP	System and method for operating malicious marker detection software on management controller of protected system
9338134,	Mar 27 2013	Fortinet, Inc.	Firewall policy management
9338180,	Sep 28 2007	SECUREWORKS CORP.	System and method for identification and blocking of unwanted network traffic
9430534,	May 09 2013	WIPRO LIMITED	Systems and methods for improved security and precision in executing analytics using SDKS
9438563,	Mar 27 2013	Fortinet, Inc.	Firewall policy management
9519756,	Mar 15 2013	Microsoft Corporation	Managing policy and permissions profiles
9544273,	Jul 31 2012	TREND MICRO INCORPORATED	Network traffic processing system
9548994,	Oct 18 2011	MAGENTA SECURITY HOLDINGS LLC; MAGENTA SECURITY INTERMEDIATE HOLDINGS LLC	Integrating security policy and event management
9558352,	Nov 06 2014	WELLS FARGO BANK, N A	Malicious software detection in a computing system
9560062,	Dec 03 2013	SECUREWORKS CORP	System and method for tamper resistant reliable logging of network traffic
9560068,	Jan 13 2010	Microsoft Technology Licensing, LLC	Network intrusion detection with distributed correlation
9596252,	Jul 31 2013	SPLUNK Inc.	Identifying possible security threats using event group summaries
9628511,	Sep 28 2007	SECUREWORKS CORP.	System and method for identification and blocking of unwanted network traffic
9667656,	Mar 30 2015	Amazon Technologies, Inc	Networking flow logs for multi-tenant environments
9667661,	Sep 29 2011	Oracle International Corporation	Privileged account manager, dynamic policy engine
9710672,	Sep 08 2014	SYBILSECURITY IP LLC	System for and method of controllably disclosing sensitive data
9742559,	Jan 22 2013	Qualcomm Incorporated	Inter-module authentication for securing application execution integrity within a computing device
9767302,	Dec 22 2006	NextLabs, Inc.	Detecting behavioral patterns and anomalies using activity profiles
9805202,	Nov 13 2013	PALO ALTO NETWORKS, INC	Automated SDK ingestion
9832022,	Feb 26 2015	Altera Corporation	Systems and methods for performing reverse order cryptographic operations on data streams
9910986,	Aug 05 2015	Invincea, Inc.	Methods and apparatus for machine learning based malware detection
9973524,	Sep 24 2010	BitSight Technologies, Inc.	Information technology security assessment system
20020129135,
20040019785,
20050138204,
20050288939,
20060012815,
20060037076,
20060195575,
20060253447,
20070226248,
20070226807,
20080077593,
20080219334,
20080255997,
20080262991,
20080320000,
20090198682,
20100125913,
20110004771,
20110179492,
20110276604,
20110276716,
20120117640,
20120185275,
20120246730,
20120254333,
20120260341,
20130104191,
20130138428,
20130173620,
20130226938,
20130238319,
20130282746,
20130291103,
20130318604,
20140003606,
20140004102,
20140006785,
20140047544,
20140051432,
20140222712,
20140373151,
20150019323,
20150040225,
20150074390,
20150113258,
20150135287,
20150156212,
20150186618,
20150220918,
20150222652,
20150269570,
20150271047,
20150324457,
20160014140,
20160014151,
20160078365,
20160099963,
20160139886,
20160182546,
20160241591,
20160277423,
20160313709,
20160337400,
20160342805,
20160378978,
20170026343,
20170063893,
20170098087,
20170111379,
20170140295,
20170142149,
20170169154,
20170171228,
20170180418,
20170201381,
20170201431,
20170201490,
20170201548,
20170208084,
20170208085,
20170214675,
20170243004,
20170243005,
20170244734,
20170244750,
20170244754,
20170244762,
20170308872,
20170318034,
20170359368,
20170366348,
20180077189,
20180089574,
20180091306,
20180101842,
20180124073,
20180124085,
20180152480,
20180181599,
20180288198,
20180367550,
20180375668,
20190014149,
20190037406,
20190050554,
20190095801,
20190102646,
20190104154,
20190109717,
20190122258,
20190132131,
20190132344,
20190141079,
20190149564,
20190171849,
20190173919,
20190179801,
20190297096,
20190342296,
20190347433,
20190377832,
20190379678,
20200036750,
20200183950,
20200259791,
20200351302,
20200351307,
20200356665,
20200358795,
20200358819,
20200364338,
20200394309,
20210014067,
20210067562,
20210109797,
20210185057,
EP3599753,
RU2738344,
WO2007002749,
WO2007090605,
WO2010059843,
WO2021067238,

ASSIGNMENT RECORDS Assignment records on the USPTO

/////////////////////

Executed on	Assignor	Assignee	Conveyance	Frame	Reel	Doc
Oct 11 2019		SECUREWORKS CORP.	(assignment on the face of the patent)
Nov 13 2019	TASSOUMT, MEHDI	SECUREWORKS CORP	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	051177	0895	pdf
Dec 04 2019	HABER, WAYNE	SECUREWORKS CORP	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	051177	0895	pdf
Dec 12 2019	WYSE TECHNOLOGY L L C	THE BANK OF NEW YORK MELLON TRUST COMPANY, N A , AS COLLATERAL AGENT	PATENT SECURITY AGREEMENT NOTES	051302	0528	pdf
Dec 12 2019	SECUREWORKS CORP	THE BANK OF NEW YORK MELLON TRUST COMPANY, N A , AS COLLATERAL AGENT	PATENT SECURITY AGREEMENT NOTES	051302	0528	pdf
Dec 12 2019	Dell Products L P	THE BANK OF NEW YORK MELLON TRUST COMPANY, N A , AS COLLATERAL AGENT	PATENT SECURITY AGREEMENT NOTES	051302	0528	pdf
Dec 12 2019	EMC IP HOLDING COMPANY LLC	THE BANK OF NEW YORK MELLON TRUST COMPANY, N A , AS COLLATERAL AGENT	PATENT SECURITY AGREEMENT NOTES	051302	0528	pdf
Dec 30 2019	EMC Corporation	Credit Suisse AG, Cayman Islands Branch	SECURITY AGREEMENT	051449	0728	pdf
Dec 30 2019	SECUREWORKS CORP	Credit Suisse AG, Cayman Islands Branch	SECURITY AGREEMENT	051449	0728	pdf
Dec 30 2019	WYSE TECHNOLOGY L L C	Credit Suisse AG, Cayman Islands Branch	SECURITY AGREEMENT	051449	0728	pdf
Dec 30 2019	EMC IP HOLDING COMPANY LLC	Credit Suisse AG, Cayman Islands Branch	SECURITY AGREEMENT	051449	0728	pdf
Dec 30 2019	Dell Products L P	Credit Suisse AG, Cayman Islands Branch	SECURITY AGREEMENT	051449	0728	pdf
Nov 01 2021	Credit Suisse AG, Cayman Islands Branch	EMC Corporation	RELEASE OF SECURITY INTEREST AT REEL 051449 FRAME 0728	058002	0010	pdf
Nov 01 2021	Credit Suisse AG, Cayman Islands Branch	SECUREWORKS CORP	RELEASE OF SECURITY INTEREST AT REEL 051449 FRAME 0728	058002	0010	pdf
Nov 01 2021	Credit Suisse AG, Cayman Islands Branch	WYSE TECHNOLOGY L L C	RELEASE OF SECURITY INTEREST AT REEL 051449 FRAME 0728	058002	0010	pdf
Nov 01 2021	Credit Suisse AG, Cayman Islands Branch	EMC IP HOLDING COMPANY LLC	RELEASE OF SECURITY INTEREST AT REEL 051449 FRAME 0728	058002	0010	pdf
Nov 01 2021	Credit Suisse AG, Cayman Islands Branch	Dell Products L P	RELEASE OF SECURITY INTEREST AT REEL 051449 FRAME 0728	058002	0010	pdf
Mar 29 2022	THE BANK OF NEW YORK MELLON TRUST COMPANY, N A , AS NOTES COLLATERAL AGENT	Dell Products L P	RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL FRAME 051302 0528	060438	0593	pdf
Mar 29 2022	THE BANK OF NEW YORK MELLON TRUST COMPANY, N A , AS NOTES COLLATERAL AGENT	EMC IP HOLDING COMPANY LLC	RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL FRAME 051302 0528	060438	0593	pdf
Mar 29 2022	THE BANK OF NEW YORK MELLON TRUST COMPANY, N A , AS NOTES COLLATERAL AGENT	DELL MARKETING CORPORATION SUCCESSOR-IN-INTEREST TO WYSE TECHNOLOGY L L C	RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL FRAME 051302 0528	060438	0593	pdf
Mar 29 2022	THE BANK OF NEW YORK MELLON TRUST COMPANY, N A , AS NOTES COLLATERAL AGENT	SECUREWORKS CORP	RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL FRAME 051302 0528	060438	0593	pdf

MAINTENANCE FEES AND DATES: Maintenance records on the USPTO

Date	Maintenance Fee Events
Oct 11 2019	BIG: Entity status set to Undiscounted (note the period is included in the code).

Date	Maintenance Schedule
Jul 05 2025	4 years fee payment window open
Jan 05 2026	6 months grace period start (w surcharge)
Jul 05 2026	patent expiry (for year 4)
Jul 05 2028	2 years to revive unintentionally abandoned end. (for year 4)
Jul 05 2029	8 years fee payment window open
Jan 05 2030	6 months grace period start (w surcharge)
Jul 05 2030	patent expiry (for year 8)
Jul 05 2032	2 years to revive unintentionally abandoned end. (for year 8)
Jul 05 2033	12 years fee payment window open
Jan 05 2034	6 months grace period start (w surcharge)
Jul 05 2034	patent expiry (for year 12)
Jul 05 2036	2 years to revive unintentionally abandoned end. (for year 12)